CVE-2025-7021
Published: 10 July 2025
Summary
CVE-2025-7021 is a medium-severity User Interface (UI) Misrepresentation of Critical Information (CWE-451) vulnerability in Openai Operator. Its CVSS base score is 6.9 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique GUI Input Capture (T1056.002); ranked at the 36.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Enterprise AI Assistants; in the Privacy and Disclosure risk domain.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-21038
Vulnerability details
Fullscreen API Spoofing and UI Redressing in the handling of Fullscreen API and UI rendering in OpenAI Operator SaaS on Web allows a remote attacker to capture sensitive user input (e.g., login credentials, email addresses) via displaying a deceptive fullscreen…
more
interface with overlaid fake browser controls and a distracting element (like a cookie consent screen) to obscure fullscreen notifications, tricking the user into interacting with the malicious site.
- CWE(s)
AI Security AnalysisAI
- AI Category
- Enterprise AI Assistants
- Risk Domain
- Privacy and Disclosure
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: openai
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability enables GUI input capture (T1056.002) by spoofing Fullscreen API notifications and overlaying deceptive fake browser controls/iframes to trick interactions; facilitated via drive-by compromise (T1189) when the OpenAI Operator SaaS visits a malicious page.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.